Spam attack blocking with WAF rules

Hi guys, I have a quick question. Recently I've created a website in pure HTML/JS (a basic static page with a contact form; the only external library I use is one for displaying icons from a database). I immediately noticed huge amounts of 404s in my server error logs, something I never got on websites I made with software like PrestaShop etc. Stuff like this:
2025-01-09 03:39:05.341403 [INFO] [1851988] [T0] [<IP>:<port>:HTTP2-1#APVH_<DOMAIN>:443] File not found [/home/<SERVER NAME>/domains/<DOMAIN>/private_html/index.php/m6-zzyj-7631-srYSS-33-0w/eywuu/fweykwhsza/yb24yahge3-696_f14w-VLWX_xiuahsgi.html]
Both in public and private html, a lot of WordPress-related hits as well, lots of PHP scripts. Presumably just trying to find anything that's vulnerable/infected. Of course none of these are in my files. I assume it's perfectly normal - every webpage ever is being attacked, but I got curious when I started getting spam contact form submissions (usually a Yahoo email and a phone number from a foreign country). I have changed the CDN to Cloudflare, but the only solution that kinda works that I've found was adding a rule that gives a JS challenge to anyone that's not a known bot from a different country:
(not cf.client.bot and ip.src.country ne "PL")
This is far from a future-proof solution, and I still get a handful of 404s in my logs. Robots.txt has bot access blocked to all folders except the main one obviously. Would there be any other way of preventing this? Should I even bother? Sadly right now I'm on shared hosting so fail2ban etc. are out of conversation.
vipdp (OP), 3w ago
That's another issue, but I don't know if I should start a new thread for it. I have two forms with different IDs and Google's captcha doesn't really like that without some adjustments. Looking into Turnstile right now. The spam submissions did stop after enabling the WAF rule though. I just saw a new batch of 404s in my log a second ago, mostly with files with CVE vulnerabilities reported:
.../s/4323e2436313e2830323e2538313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties
Okay yeah, Turnstile works out of the box, I'm sticking with it.
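
The "File not found" lines quoted in the thread can be triaged offline to see which probe families are hitting the site before deciding what to block at the WAF. The following is an added example, not code from the thread: the sample log lines are constructed (documentation-range IPs, placeholder domain and server name), the parser handles IPv4 clients only, and the category names and the `classify`/`summarize` helpers are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the error-log format quoted in the thread; the IPs
# (documentation ranges), domain and server name are placeholders.
_PREFIX = "2025-01-09 03:39:05.341403 [INFO] [1851988] [T0] "
_ROOT = "/home/srv/domains/example.test/"
SAMPLE_LOG = "\n".join(
    f"{_PREFIX}[{ip}:51234:HTTP2-1#APVH_example.test:443] File not found [{_ROOT}{path}]"
    for ip, path in [
        ("203.0.113.7", "private_html/index.php/m6-zzyj/eywuu/page.html"),
        ("203.0.113.7", "public_html/wp-login.php"),
        ("198.51.100.9", "public_html/s/abc/_/;/META-INF/maven/x/pom.properties"),
        ("198.51.100.9", "public_html/favicon.ico"),
    ]
)

# Client field is "<IP>:<port>:<listener>"; IPv4 only. The URI is whatever
# follows the public_html/private_html document root.
LINE_RE = re.compile(
    r"\[(?P<ip>[^:\]]+):\d+:[^\]]*\] File not found "
    r"\[.*?/(?:public|private)_html(?P<uri>/[^\]]*)\]"
)

# Assumed categories; first match wins. None can be real content on a static
# HTML/JS site, so every hit is a scanner probe rather than a broken link.
RULES = [
    ("wordpress", re.compile(r"/(?:wp-[a-z]+|xmlrpc\.php)", re.I)),
    ("php", re.compile(r"\.php(?:/|$)", re.I)),
    ("java-metadata", re.compile(r"/META-INF/", re.I)),
]

def classify(uri):
    """Return the probe category for a request path, or "other"."""
    return next((name for name, rx in RULES if rx.search(uri)), "other")

def summarize(log_text):
    """Return (hits per category, probe hits per client IP)."""
    by_cat, by_ip = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a "File not found" line
        cat = classify(m["uri"])
        by_cat[cat] += 1
        if cat != "other":
            by_ip[m["ip"]] += 1
    return by_cat, by_ip
```

On a static site, every category other than "other" is a path pattern that never maps to real content, so those patterns are candidates for a path-based block rule alongside the country challenge.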
